iaik.x509.ocsp.extensions

Class PreferredSignatureAlgorithms

java.lang.Object

iaik.x509.V3Extension

iaik.x509.ocsp.extensions.PreferredSignatureAlgorithms

public class PreferredSignatureAlgorithms
extends V3Extension

This class implements the OCSP PreferredSignatureAlgorithms extension.

The PreferredSignatureAlgorithms extension has been introduced by RFC 6960 as non critical OCSP request extension.

Each OCSP extension is associated with a specific ocsp extension object identifier, derived from RFC 6960:

 id-pkix  OBJECT IDENTIFIER  ::=
        { iso(1) identified-organization(3) dod(6) internet(1)
          security(5) mechanisms(5) pkix(7) }

 id-ad OBJECT IDENTIFIER ::= { id-pkix 48 }       
        -- arc for access descriptors

 id-ad-ocsp      OBJECT IDENTIFIER ::= { id-ad 1 }
 
 id-pkix-ocsp    OBJECT IDENTIFIER ::= { id-ad-ocsp }
 

The object identifier for the PreferredSignatureAlgorithms extension is defined as:

 id-pkix-ocsp-pref-sig-algs           OBJECT IDENTIFIER ::= { id-pkix-ocsp 8 }
 

which corresponds to the OID string "1.3.6.1.5.5.7.48.1.8".

The Online Certificate Status Protocol (RFC 6960) specifies the PreferredSignatureAlgorithms extension for allowing an OCSP client to announce its preferred signature algorithms.

ASN.1 definition:

 PreferredSignatureAlgorithms ::= SEQUENCE OF
                                  PreferredSignatureAlgorithm

 PreferredSignatureAlgorithm ::= SEQUENCE {
    sigIdentifier        AlgorithmIdentifier,
    pubKeyAlgIdentifier  SMIMECapability OPTIONAL
    }

 

The sigIdentifier field of an PreferredSignatureAlgorithm specifies the signature algorithms the client prefers, the (optional) pubKeyAlgIdentifier specifies the public key algorithm identifier the client prefers in the responder certificate.

A PreferredSignatureAlgorithms extension may be added to the extensions of an OCSPRequest, e.g.:

 AlgorithmID sigID = (AlgorithmID)AlgorithmID.sha256WithRSAEncryption.clone();
 PreferredSignatureAlgorithm[] algorithms = { new PreferredSignatureAlgorithm(sigID) };
 PreferredSignatureAlgorithms preferredSignatureAlgorithms =
    new PreferredSignatureAlgorithms(algorithms);
 ...
 OCSPRequest request = ...;
 request.addExtension(preferredSignatureAlgorithms);
 

Version:

File Revision 11

See Also:

OCSPRequest

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	PreferredSignatureAlgorithms.PreferredSignatureAlgorithm This class implements the PreferredSignatureAlgorithm component of the OCSP PrefferedSignatureAlgorithms extension.

Field Summary

Fields

Modifier and Type	Field and Description
static ObjectID	oid The object identifier of this PreferredSignatureAlgorithms extension.

Fields inherited from class iaik.x509.V3Extension

critical

Constructor Summary

Constructors

Constructor and Description
PreferredSignatureAlgorithms() Default constructor.
PreferredSignatureAlgorithms(PreferredSignatureAlgorithms.PreferredSignatureAlgorithm[] algorithms) Creates a PreferredSignatureAlgorithms object for the list of preferred algorithms.

Method Summary

Methods

Modifier and Type	Method and Description
boolean	equals(java.lang.Object obj) Compares this PreferredSignatureAlgorithms to the specified object.
PreferredSignatureAlgorithms.PreferredSignatureAlgorithm[]	getAlgorithms() Gets the list of preferred signature algorithms.
ObjectID	getObjectID() Returns the object ID of this PreferredSignatureAlgorithms extension
int	hashCode() Returns a hashcode for this identity.
void	init(ASN1Object obj) Inits this PreferredSignatureAlgorithms implementation with an ASN1object representing the value of this extension.
ASN1Object	toASN1Object() Returns an ASN1Object representing the value of this PreferredSignatureAlgorithms extension.
java.lang.String	toString() Returns a string that represents the contents of this PreferredSignatureAlgorithms extension.

Methods inherited from class iaik.x509.V3Extension

getName, isCritical, setCritical

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

oid

public static final ObjectID oid

The object identifier of this PreferredSignatureAlgorithms extension. The corresponding OID string is "1.3.6.1.5.5.7.48.1.8".

Constructor Detail

PreferredSignatureAlgorithms

public PreferredSignatureAlgorithms()

Default constructor. Used for dynamic object creation. Shall not be used by an application.

PreferredSignatureAlgorithms

public PreferredSignatureAlgorithms(PreferredSignatureAlgorithms.PreferredSignatureAlgorithm[] algorithms)

Creates a PreferredSignatureAlgorithms object for the list of preferred algorithms.

Parameters:

algorithms - the list of preferred signature algorithms

Method Detail

getObjectID

public ObjectID getObjectID()

Returns the object ID of this PreferredSignatureAlgorithms extension

Specified by:

getObjectID in class V3Extension

Returns:

the object ID

getAlgorithms

public PreferredSignatureAlgorithms.PreferredSignatureAlgorithm[] getAlgorithms()

Gets the list of preferred signature algorithms.

Returns:

the list of preferred signature algorithms.

init

public void init(ASN1Object obj)
          throws X509ExtensionException

Inits this PreferredSignatureAlgorithms implementation with an ASN1object representing the value of this extension.

This method initializes the extension only with its value, but not with its critical specification. For that reason, this method shall not be explicitly called by an application.

The ASN1Object supplied to this method will reflect the ASN.1 representation of the PreferredSignatureAlgorithms extension value:

 PreferredSignatureAlgorithms ::= SEQUENCE OF
                                  PreferredSignatureAlgorithm

 PreferredSignatureAlgorithm ::= SEQUENCE {
    sigIdentifier        AlgorithmIdentifier,
    pubKeyAlgIdentifier  SMIMECapability OPTIONAL
    }

 

Specified by:

init in class V3Extension

Parameters:

obj - the PreferredSignatureAlgorithms as ASN1Object

Throws:

X509ExtensionException - if the extension could not parse the ASN1Object

toASN1Object

public ASN1Object toASN1Object()
                        throws X509ExtensionException

Returns an ASN1Object representing the value of this PreferredSignatureAlgorithms extension.

The ASN1Object returned by this method will reflect the ASN.1 representation of the PreferredSignatureAlgorithms extension value:

 PreferredSignatureAlgorithms ::= SEQUENCE OF
                                  PreferredSignatureAlgorithm

 PreferredSignatureAlgorithm ::= SEQUENCE {
    sigIdentifier        AlgorithmIdentifier,
    pubKeyAlgIdentifier  SMIMECapability OPTIONAL
    }

 

Specified by:

toASN1Object in class V3Extension

Returns:

the value of this PreferredSignatureAlgorithms as ASN1Object

Throws:

X509ExtensionException - if the extension could not be created

hashCode

public int hashCode()

Returns a hashcode for this identity.

Specified by:

hashCode in class V3Extension

Returns:

a hash code for this identity

equals

public boolean equals(java.lang.Object obj)

Compares this PreferredSignatureAlgorithms to the specified object.
The comparison is based on the encoding, i.e. any parameters are included in the comparison and NULL and absent parameters will give a negative comparison result.

Overrides:

equals in class java.lang.Object

Parameters:

obj - the object to compare this PreferredSignatureAlgorithms against.

Returns:

true, if the given object is equal to this PreferredSignatureAlgorithms, false otherwise

toString

public java.lang.String toString()

Returns a string that represents the contents of this PreferredSignatureAlgorithms extension.

Overrides:

toString in class java.lang.Object

Returns:

the string representation